<?php #//AJAX PHP PENNY AUCTION v.1.1

#///////////////////////////////////////////////////////////
#//  COPYRIGHT 2009 Aaron Helmlinger ALL RIGHTS RESERVED  //
#///////////////////////////////////////////////////////////

require('./includes/config.inc.php');

#// Retrieve final value fees
#// If user is not logged in redirect to login page
if(!isset($_SESSION["PHPAUCTION_LOGGED_IN"]))
{
	Header("Location: user_login.php");
	exit;
}

#// Get closed auctions with winners
$query = "SELECT
			  a.auction,
			  a.seller,
			  a.winner,
			  a.bid,
			  a.fee,
			  b.id,
			  b.current_bid
			  FROM
			  PHPAUCTIONXL_winners a, PHPAUCTIONXL_auctions b
			  WHERE
			  a.auction=b.id AND
			   (b.closed='1' OR b.closed='-1') AND b.suspended=0 AND
			  a.winner='$_SESSION[PHPAUCTION_LOGGED_IN]'
			 ORDER BY a.closingdate DESC";
$res = @mysql_query($query);
if(!$res)
{
	MySQLError($query);
	exit;
}
else
{

	while($row = mysql_fetch_array($res))
	{
		$query = "SELECT title,ends,paid,reserve_price,current_bid,winlimit FROM PHPAUCTIONXL_auctions WHERE id='$row[auction]'";
		$r = @mysql_query($query);
		if(!$r)
		{
			MySQLError($query);
			exit;
		}
		           
                       
//$auction_id = mysql_result($r,0,"id");
		$AUCTIONS[$row[auction]] = stripslashes(mysql_result($r,0,"title"));
		$AUCTIONS_ENDS[$row[auction]] = stripslashes(mysql_result($r,0,"ends"));
		$AUCTIONS_PAID[$row[auction]] = stripslashes(mysql_result($r,0,"paid"));
		$RESERVE_PRICE[$row[auction]] = stripslashes(mysql_result($r,0,"reserve_price"));
		$CURRENT_BID[$row[auction]] = stripslashes(mysql_result($r,0,"current_bid"));
		$WINLIMIT[$row[auction]] = stripslashes(mysql_result($r,0,"winlimit"));
		#// Get seller's details
		$query = "SELECT nick,email,payment_details,phone FROM PHPAUCTIONXL_users WHERE id='$row[seller]'";
		$re_ = @mysql_query($query);
		if(!$re_)
		{
			MySQLError($query);
			exit;
		}
		$query = "SELECT quantity FROM PHPAUCTIONXL_bids
					  WHERE
					  bidder='$_SESSION[PHPAUCTION_LOGGED_IN]'
					  AND
					  auction='$row[auction]'";
		$resq = @mysql_query($query);
		if(!$resq)
		{
			MySQLError($query);
			exit;
		}
		$SELLER[$row[auction]] = $row['seller'];
		$BID[$row[auction]] = $row['bid'];
    $SELLER_PHONE[$row[auction]] = mysql_result($re_,0,"phone");
		$SELLER_NICK[$row[auction]] = mysql_result($re_,0,"nick");
		$SELLER_EMAIL[$row[auction]] = mysql_result($re_,0,"email");
		$SELLER_PAYMENT[$row[auction]] = mysql_result($re_,0,"payment_details");
		$query = "SELECT * FROM PHPAUCTIONXL_feedbacks
					WHERE auction_id =".$row['auction']."
					AND rated_user_id = ".$row['seller']."
					AND (rater_user_nick = '".$_SESSION['PHPAUCTION_LOGGED_IN_USERNAME']."'
					OR rater_user_nick='autofeedback')";
		$resfeed=mysql_query($query);
		$hasfeed=mysql_num_rows($resfeed);
		if($hasfeed==0) {
			$SELL_FDB[$row['auction']] = $row['seller'];
		} else {
			$SELL_FDB[$row['auction']] = "";
		}

	}
}


$query = mysql_fetch_array(mysql_query("SELECT adminmail FROM PHPAUCTIONXL_settings"));
   $adminemail = $query['adminmail'];
 
 

require("header.php");
include phpa_include("template_buying_php.html");
include "./footer.php";
    
?>
